aws · Dec 13, 2024
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/Model/AwsCryptographyDbEncryptionSdkDynamoDbTypes.dfy
Lines changed: 1 addition & 1 deletion b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/Model/AwsCryptographyDbEncryptionSdkDynamoDbTypes.dfy
Lines changed: 1 addition & 1 deletion
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/Model/DynamoDbEncryption.smithy
Lines changed: 2 additions & 2 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/Model/DynamoDbEncryption.smithy
Lines changed: 2 additions & 2 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/Beacon.dfy
Lines changed: 14 additions & 14 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/Beacon.dfy
Lines changed: 14 additions & 14 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/CompoundBeacon.dfy
Lines changed: 9 additions & 9 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/CompoundBeacon.dfy
Lines changed: 9 additions & 9 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy
Lines changed: 20 additions & 27 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy
Lines changed: 20 additions & 27 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/DynamoToStruct.dfy
Lines changed: 4 additions & 4 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/DynamoToStruct.dfy
Lines changed: 4 additions & 4 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/FilterExpr.dfy
Lines changed: 3 additions & 3 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/FilterExpr.dfy
Lines changed: 3 additions & 3 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/SearchInfo.dfy
Lines changed: 33 additions & 17 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/SearchInfo.dfy
Lines changed: 33 additions & 17 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/Virtual.dfy
Lines changed: 11 additions & 11 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/src/Virtual.dfy
Lines changed: 11 additions & 11 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryption/test/BeaconTestFixtures.dfy
Lines changed: 3 additions & 3 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryption/test/BeaconTestFixtures.dfy
Lines changed: 3 additions & 3 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/Model/AwsCryptographyDbEncryptionSdkDynamoDbTransformsTypes.dfy
Lines changed: 1 addition & 1 deletion b/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/Model/AwsCryptographyDbEncryptionSdkDynamoDbTransformsTypes.dfy
Lines changed: 1 addition & 1 deletion
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/DdbMiddlewareConfig.dfy
Lines changed: 3 additions & 3 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/DdbMiddlewareConfig.dfy
Lines changed: 3 additions & 3 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/DynamoDbMiddlewareSupport.dfy
Lines changed: 5 additions & 5 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/DynamoDbMiddlewareSupport.dfy
Lines changed: 5 additions & 5 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/UpdateItemTransform.dfy
Lines changed: 2 additions & 2 deletions b/‎DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/UpdateItemTransform.dfy
Lines changed: 2 additions & 2 deletions
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbItemEncryptor/Model/AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorTypes.dfy
Lines changed: 1 addition & 1 deletion b/‎DynamoDbEncryption/dafny/DynamoDbItemEncryptor/Model/AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorTypes.dfy
Lines changed: 1 addition & 1 deletion
diff --git a/‎DynamoDbEncryption/dafny/DynamoDbItemEncryptor/src/AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations.dfy
Lines changed: 12 additions & 12 deletions b/‎DynamoDbEncryption/dafny/DynamoDbItemEncryptor/src/AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations.dfy
Lines changed: 12 additions & 12 deletions
diff --git a/‎DynamoDbEncryption/dafny/StructuredEncryption/Model/AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes.dfy
Lines changed: 1 addition & 1 deletion b/‎DynamoDbEncryption/dafny/StructuredEncryption/Model/AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes.dfy
Lines changed: 1 addition & 1 deletion
diff --git a/‎DynamoDbEncryption/dafny/StructuredEncryption/src/AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations.dfy
Lines changed: 6 additions & 6 deletions b/‎DynamoDbEncryption/dafny/StructuredEncryption/src/AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations.dfy
Lines changed: 6 additions & 6 deletions
diff --git a/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Canonize.dfy
Lines changed: 1 addition & 1 deletion b/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Canonize.dfy
Lines changed: 1 addition & 1 deletion
diff --git a/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Crypt.dfy
Lines changed: 8 additions & 8 deletions b/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Crypt.dfy
Lines changed: 8 additions & 8 deletions
diff --git a/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Header.dfy
Lines changed: 15 additions & 15 deletions b/‎DynamoDbEncryption/dafny/StructuredEncryption/src/Header.dfy
Lines changed: 15 additions & 15 deletions
diff --git a/‎DynamoDbEncryption/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/dbencryptionsdk/dynamodb/model/MultiKeyStore.java
Lines changed: 4 additions & 4 deletions b/‎DynamoDbEncryption/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/dbencryptionsdk/dynamodb/model/MultiKeyStore.java
Lines changed: 4 additions & 4 deletions
diff --git a/‎DynamoDbEncryption/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/dbencryptionsdk/dynamodb/model/SingleKeyStore.java
Lines changed: 4 additions & 4 deletions b/‎DynamoDbEncryption/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/dbencryptionsdk/dynamodb/model/SingleKeyStore.java
Lines changed: 4 additions & 4 deletions
diff --git a/‎TestVectors/dafny/DDBEncryption/Model/AwsCryptographyDynamoDbEncryptionTypesWrapped.dfy
Lines changed: 2 additions & 2 deletions b/‎TestVectors/dafny/DDBEncryption/Model/AwsCryptographyDynamoDbEncryptionTypesWrapped.dfy
Lines changed: 2 additions & 2 deletions
diff --git a/‎TestVectors/dafny/DDBEncryption/src/JsonConfig.dfy
Lines changed: 1 addition & 1 deletion b/‎TestVectors/dafny/DDBEncryption/src/JsonConfig.dfy
Lines changed: 1 addition & 1 deletion
@@ -17,7 +17,7 @@ module {:extern "software.amazon.cryptography.dbencryptionsdk.dynamodb.internald
   import AwsCryptographyKeyStoreTypes
   import AwsCryptographyPrimitivesTypes
   import ComAmazonawsDynamodbTypes
-    // Generic helpers for verification of mock/unit tests.
+  // Generic helpers for verification of mock/unit tests.
   datatype DafnyCallEvent<I, O> = DafnyCallEvent(input: I, output: O)
 
   // Begin Generated Types
 
@@ -719,7 +719,7 @@ structure SingleKeyStore {
   cacheTTL: Integer,
   @documentation("Provide the Shared Cache for Searchable Encryption.")
   cache : CacheType,
-  @documentation("Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.")
+  @documentation("Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.")
   partitionId: String
 }
 
@@ -740,7 +740,7 @@ structure MultiKeyStore {
   cacheTTL: Integer,
   @javadoc("Which type of local cache to use.")
   cache : CacheType,
-  @documentation("Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.")
+  @documentation("Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.")
   partitionId: String
 }
 
 
@@ -236,14 +236,14 @@ module BaseBeacon {
                 //# [AttributeValue](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_AttributeValue.html)
                 //# MUST be type "SS" StringSet.
                 && (ret.value.Some? ==> ret.value.value.SS?)
-                   //= specification/searchable-encryption/beacons.md#value-for-a-set-standard-beacon
-                   //= type=implication
-                   //# * The resulting set MUST NOT contain duplicates.
+                //= specification/searchable-encryption/beacons.md#value-for-a-set-standard-beacon
+                //= type=implication
+                //# * The resulting set MUST NOT contain duplicates.
                 && (ret.value.Some? ==> HasNoDuplicates(ret.value.value.SS))
-                   //= specification/searchable-encryption/beacons.md#asset-initialization
-                   //= type=implication
-                   //# * Writing an item MUST fail if the item contains this beacon's attribute,
-                   //# and that attribute is not of type Set.
+                //= specification/searchable-encryption/beacons.md#asset-initialization
+                //= type=implication
+                //# * Writing an item MUST fail if the item contains this beacon's attribute,
+                //# and that attribute is not of type Set.
                 && var value := TermLoc.TermToAttr(loc, item, None);
                 && (value.Some? && !(value.value.SS? || value.value.NS? || value.value.BS?) ==> ret.Failure?)
     {
@@ -272,14 +272,14 @@ module BaseBeacon {
                 //= type=implication
                 //# * This operation MUST return no value if the associated field does not exist in the record
                 && (bytes.None? ==> ret.value.None?)
-                   //= specification/searchable-encryption/beacons.md#value-for-a-non-set-standard-beacon
-                   //= type=implication
-                   //# * This operation MUST convert the attribute value of the associated field to
-                   //# a sequence of bytes, as per [attribute serialization](../dynamodb-encryption-client/ddb-attribute-serialization.md).
+                //= specification/searchable-encryption/beacons.md#value-for-a-non-set-standard-beacon
+                //= type=implication
+                //# * This operation MUST convert the attribute value of the associated field to
+                //# a sequence of bytes, as per [attribute serialization](../dynamodb-encryption-client/ddb-attribute-serialization.md).
                 && (bytes.Some? ==> ret.value.Some? && hash(bytes.value, key).Success? && ret.value.value == DDB.AttributeValue.S(hash(bytes.value, key).value))
-                   //= specification/searchable-encryption/beacons.md#value-for-a-non-set-standard-beacon
-                   //= type=implication
-                   //# * This operation MUST return the [basicHash](#basichash) of the resulting bytes and the configured [beacon length](#beacon-length).
+                //= specification/searchable-encryption/beacons.md#value-for-a-non-set-standard-beacon
+                //= type=implication
+                //# * This operation MUST return the [basicHash](#basichash) of the resulting bytes and the configured [beacon length](#beacon-length).
                 && (bytes.Some? ==> ret.value.Some? && base.hash(bytes.value, key, length).Success? && ret.value.value == DDB.AttributeValue.S(base.hash(bytes.value, key, length).value))
     {
       var bytes :- VirtToBytes(loc, item, vf);
 
@@ -397,9 +397,9 @@ module CompoundBeacon {
                 //= type=implication
                 //# * If a string is returned, it MUST NOT be empty.
                 && |res.value.value| > 0
-                   //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
-                   //= type=implication
-                   //# * This operation MUST iterate through all constructors, in order, using the first that succeeds.
+                //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
+                //= type=implication
+                //# * This operation MUST iterate through all constructors, in order, using the first that succeeds.
                 && TryConstructors(construct, item, vf, keys).Success?
     {
       TryConstructors(construct, item, vf, keys)
@@ -578,9 +578,9 @@ module CompoundBeacon {
       ensures part.Signed? && ret.Success? ==>
                 && ret.value == part.prefix + data
                 && 0 < |ret.value|
-                   //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
-                   //= type=implication
-                   //# * This operation MUST fail if any plaintext value used in the construction contains the split character.
+                //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
+                //= type=implication
+                //# * This operation MUST fail if any plaintext value used in the construction contains the split character.
                 && split !in data
 
       //= specification/searchable-encryption/beacons.md#part-value-calculation
@@ -593,9 +593,9 @@ module CompoundBeacon {
                 && keys.Keys?
                 && part.beacon.hashStr(data, keys.value).Success?
                 && ret.value == part.prefix + part.beacon.hashStr(data, keys.value).value
-                   //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
-                   //= type=implication
-                   //# * This operation MUST fail if any plaintext value used in the construction contains the split character.
+                //= specification/searchable-encryption/beacons.md#value-for-a-compound-beacon
+                //= type=implication
+                //# * This operation MUST fail if any plaintext value used in the construction contains the split character.
                 && split !in data
     {
       :- Need(split !in data, E("Value '" + data + "' for beacon part " + part.getName() + " contains the split character '" + [split] + "'."));
 
@@ -33,7 +33,6 @@ module SearchConfigToInfo {
   import SE = AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes
   import MPT = AwsCryptographyMaterialProvidersTypes
   import Primitives = AtomicPrimitives
-  import UUID
 
   // convert configured SearchConfig to internal SearchInfo
   method Convert(outer : DynamoDbTableEncryptionConfig)
@@ -165,7 +164,7 @@ module SearchConfigToInfo {
           )
       );
     }
-    if config.single? && config.single.partitionId.Some? {
+    else if config.single? && config.single.partitionId.Some? {
       partitionIdBytes :- UTF8.Encode(config.single.partitionId.value)
       .MapFailure(
         e => Error.DynamoDbEncryptionException(
@@ -174,13 +173,7 @@ module SearchConfigToInfo {
       );
     }
     else {
-      var uuid? := UUID.GenerateUUID();
-
-      var uuid :- uuid?
-      .MapFailure(e => Error.DynamoDbEncryptionException(message := e));
-
-      partitionIdBytes :- UUID.ToByteArray(uuid)
-      .MapFailure(e => Error.DynamoDbEncryptionException(message := e));
+      partitionIdBytes :- I.GeneratePartitionId();
     }
 
     if config.multi? {
@@ -511,10 +504,10 @@ module SearchConfigToInfo {
               //= type=implication
               //# Initialization MUST fail if two standard beacons are configured with the same location.
               && FindBeaconWithThisLocation(converted, loc).None?
-                 //= specification/searchable-encryption/virtual.md#virtual-field-initialization
-                 //= type=implication
-                 //# Initialization MUST fail if a virtual field is defined with only one location,
-                 //# and also a [standard beacon](beacons.md#standard-beacon) is defined with that same location.
+              //= specification/searchable-encryption/virtual.md#virtual-field-initialization
+              //= type=implication
+              //# Initialization MUST fail if a virtual field is defined with only one location,
+              //# and also a [standard beacon](beacons.md#standard-beacon) is defined with that same location.
               && FindVirtualFieldWithThisLocation(virtualFields, {loc}).None?
   {
     if |beacons| == 0 {
@@ -643,10 +636,10 @@ module SearchConfigToInfo {
     //# or is not `signed`.
     ensures
       (&& 0 < |parts|
-          //= specification/searchable-encryption/beacons.md#signed-part-initialization
-          //= type=implication
-          //# If no [terminal location](virtual.md#terminal-location) is provided,
-          //# the `name` MUST be used as the [terminal location](virtual.md#terminal-location).
+       //= specification/searchable-encryption/beacons.md#signed-part-initialization
+       //= type=implication
+       //# If no [terminal location](virtual.md#terminal-location) is provided,
+       //# the `name` MUST be used as the [terminal location](virtual.md#terminal-location).
        && GetLoc(parts[0].name, parts[0].loc).Success?
        && var loc := GetLoc(parts[0].name, parts[0].loc).value;
        && !IsSignOnly(outer, CB.Signed(parts[0].prefix, parts[0].name, loc).loc))
@@ -728,10 +721,10 @@ module SearchConfigToInfo {
     ensures ret.Success? ==>
               && |ret.value| == 1
               && |ret.value[0].parts| == |parts| + |converted|
-                 //= specification/searchable-encryption/beacons.md#default-construction
-                 //= type=implication
-                 //# * This default constructor MUST be all of the signed parts,
-                 //# followed by all the encrypted parts, all parts being required.
+              //= specification/searchable-encryption/beacons.md#default-construction
+              //= type=implication
+              //# * This default constructor MUST be all of the signed parts,
+              //# followed by all the encrypted parts, all parts being required.
               && CB.OrderedParts(allParts, numNon)
               && (forall i | 0 <= i < |ret.value[0].parts| ::
                     && ret.value[0].parts[i].part == allParts[i]
@@ -1116,14 +1109,14 @@ module SearchConfigToInfo {
     ensures ret.Success? && 0 < |names| && data[names[0]].Standard? && data[names[0]].std.share.Some? ==>
               && var share := data[names[0]].std.share.value;
               && IsValidShare(data, names[0], data[names[0]].std.length, share).Success?
-                 //= specification/searchable-encryption/beacons.md#shared-initialization
-                 //= type=implication
-                 //# This name MUST be the name of a previously defined Standard Beacon.
+              //= specification/searchable-encryption/beacons.md#shared-initialization
+              //= type=implication
+              //# This name MUST be the name of a previously defined Standard Beacon.
               && share in data
               && data[share].Standard?
-                 //= specification/searchable-encryption/beacons.md#shared-initialization
-                 //= type=implication
-                 //# This beacon's [length](#beacon-length) MUST be equal to the `other` beacon's [length](#beacon-length).
+              //= specification/searchable-encryption/beacons.md#shared-initialization
+              //= type=implication
+              //# This beacon's [length](#beacon-length) MUST be equal to the `other` beacon's [length](#beacon-length).
               && data[share].std.length == data[names[0]].std.length
   {
     if |names| == 0 then
 
@@ -584,10 +584,10 @@ module DynamoToStruct {
     ensures ret.Success? ==>
               && U32ToBigEndian(|b|).Success?
               && |ret.value| == LENGTH_LEN + |b|
-                 //= specification/dynamodb-encryption-client/ddb-attribute-serialization.md#set-entry-length
-                 //= type=implication
-                 //# Set Entry Length MUST be a big-endian unsigned integer
-                 //# equal to the length of [Set Entry Value](#set-entry-value).
+              //= specification/dynamodb-encryption-client/ddb-attribute-serialization.md#set-entry-length
+              //= type=implication
+              //# Set Entry Length MUST be a big-endian unsigned integer
+              //# equal to the length of [Set Entry Value](#set-entry-value).
               && ret.value[0..LENGTH_LEN] == U32ToBigEndian(|b|).value
               && ret.value[LENGTH_LEN..] == b
   {
 
@@ -1289,9 +1289,9 @@ module DynamoDBFilterExpr {
         a[0] < b[0]
       else
         bIsHighSurrogate
-        // we know aIsHighSurrogate != bIsHighSurrogate and a[0] != b[0]
-        // so if bIsHighSurrogate then a is less
-        // and if aIsHighSurrogate then a is greater
+    // we know aIsHighSurrogate != bIsHighSurrogate and a[0] != b[0]
+    // so if bIsHighSurrogate then a is less
+    // and if aIsHighSurrogate then a is greater
   }
 
   predicate method UnicodeLessOrEqual(a : string, b : string)
 
@@ -27,6 +27,7 @@ module SearchableEncryptionInfo {
   import KeyStoreTypes = AwsCryptographyKeyStoreTypes
   import SE = AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes
   import opened CacheConstants
+  import UUID
 
   //= specification/searchable-encryption/search-config.md#version-number
   //= type=implication
@@ -72,11 +73,11 @@ module SearchableEncryptionInfo {
       //# MUST be generated in accordance with [HMAC Key Generation](#hmac-key-generation).
       var newKey :- GetBeaconKey(client, key, keysLeft[0]);
       reveal Seq.HasNoDuplicates();
-             //= specification/searchable-encryption/search-config.md#get-beacon-key-materials
-             //# [Beacon Key Materials](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#beacon-key-materials) MUST be generated
-             //# with the [beacon key id](#beacon-key-id) equal to the `beacon key id`
-             //# and the [HMAC Keys](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#hmac-keys) equal to a map
-             //# of every [standard beacons](beacons.md#standard-beacon-initialization) name to its generated HMAC key.
+      //= specification/searchable-encryption/search-config.md#get-beacon-key-materials
+      //# [Beacon Key Materials](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#beacon-key-materials) MUST be generated
+      //# with the [beacon key id](#beacon-key-id) equal to the `beacon key id`
+      //# and the [HMAC Keys](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#hmac-keys) equal to a map
+      //# of every [standard beacons](beacons.md#standard-beacon-initialization) name to its generated HMAC key.
       output := GetHmacKeys(client, allKeys, keysLeft[1..], key, acc[keysLeft[0] := newKey]);
     }
   }
@@ -106,14 +107,14 @@ module SearchableEncryptionInfo {
               && hkdfInput.digestAlgorithm == Prim.SHA_512
               && hkdfInput.salt == None
               && hkdfInput.ikm == key
-                 //= specification/searchable-encryption/search-config.md#hmac-key-generation
-                 //= type=implication
-                 //# The `info` MUST be the concatenation of "AWS_DBE_SCAN_BEACON" encoded as UTF8
-                 //# and the beacon name.
+              //= specification/searchable-encryption/search-config.md#hmac-key-generation
+              //= type=implication
+              //# The `info` MUST be the concatenation of "AWS_DBE_SCAN_BEACON" encoded as UTF8
+              //# and the beacon name.
               && hkdfInput.info == info
-                 //= specification/searchable-encryption/search-config.md#hmac-key-generation
-                 //= type=implication
-                 //# The `expectedLength` MUST be 64 bytes.
+              //= specification/searchable-encryption/search-config.md#hmac-key-generation
+              //= type=implication
+              //# The `expectedLength` MUST be 64 bytes.
               && hkdfInput.expectedLength == 64
   {
     var info :- UTF8.Encode("AWS_DBE_SCAN_BEACON" + name).MapFailure(e => E(e));
@@ -128,6 +129,20 @@ module SearchableEncryptionInfo {
     return Success(newKey);
   }
 
+  // Generates a new partitionId, which is a random UUID
+  method GeneratePartitionId() returns (output : Result<seq<uint8>, Error>)
+  {
+    var uuid? := UUID.GenerateUUID();
+
+    var uuid :- uuid?
+    .MapFailure(e => Error.DynamoDbEncryptionException(message := e));
+
+    var partitionIdBytes: seq<uint8> :- UUID.ToByteArray(uuid)
+    .MapFailure(e => Error.DynamoDbEncryptionException(message := e));
+
+    output := Success(partitionIdBytes);
+  }
+
   datatype KeyLocation =
     | LiteralLoc (keys: HmacKeyMap)
     | SingleLoc (keyId: string)
@@ -219,6 +234,7 @@ module SearchableEncryptionInfo {
                 && var cacheInput := Seq.Last(newHistory).input;
                 && var cacheOutput := Seq.Last(newHistory).output;
                 && UTF8.Encode(keyId).Success?
+                // TODO - why is this verifying?
                 && cacheInput.identifier == UTF8.Encode(keyId).value
 
                 //= specification/searchable-encryption/search-config.md#get-beacon-key-materials
@@ -234,9 +250,9 @@ module SearchableEncryptionInfo {
                       && var oldGetHistory := old(store.History.GetBeaconKey);
                       && var newGetHistory := store.History.GetBeaconKey;
                       && |newGetHistory| == |oldGetHistory|+1
-                         //= specification/searchable-encryption/search-config.md#get-beacon-key-materials
-                         //= type=implication
-                         //# If `GetBeaconKey` fails get beacon key MUST fail.
+                      //= specification/searchable-encryption/search-config.md#get-beacon-key-materials
+                      //= type=implication
+                      //# If `GetBeaconKey` fails get beacon key MUST fail.
                       && Seq.Last(newGetHistory).output.Success?
                       && var storeInput := Seq.Last(newGetHistory).input;
                       && var storeOutput := Seq.Last(newGetHistory).output;
@@ -258,7 +274,7 @@ module SearchableEncryptionInfo {
                    )
     {
 
-      // Resource ID: Searchable Encryption [0x02]
+      // Resource ID: Hierarchical Keyring [0x02]
       var resourceId : seq<uint8> := RESOURCE_ID_HIERARCHICAL_KEYRING;
 
       // Scope ID: Searchable Encryption [0x03]
@@ -318,7 +334,7 @@ module SearchableEncryptionInfo {
         //# equal to now + configured [cacheTTL](#cachettl).
         var now := Time.GetCurrent();
         var putCacheEntryInput:= MP.PutCacheEntryInput(
-          identifier := keyIdBytes,
+          identifier := identifier,
           materials := MP.Materials.BeaconKey(beaconKeyMaterials),
           creationTime := now,
           expiryTime := now+cacheTTL as MP.PositiveLong,
 
@@ -171,10 +171,10 @@ module DdbVirtualFields {
               //# If the position provided is positive, it MUST be the zero-based index from the start of the list.
               && (0 <= pos < limit ==> ret == pos)
               && (limit <= pos ==> ret == limit-1)
-                 //= specification/searchable-encryption/virtual.md#position-definition
-                 //= type=implication
-                 //# If the position provided is negative, it's absolute value MUST be the
-                 //# one-based index from the end of the list, that is, -1 refers to the last item in the list.
+              //= specification/searchable-encryption/virtual.md#position-definition
+              //= type=implication
+              //# If the position provided is negative, it's absolute value MUST be the
+              //# one-based index from the end of the list, that is, -1 refers to the last item in the list.
               && (0 < -pos < limit ==> ret == limit + pos)
               && (limit <= -pos ==> ret == 0)
   {
@@ -259,10 +259,10 @@ module DdbVirtualFields {
       //= type=implication
       //# If index is greater than the number of items in the list, an empty string MUST be returned.
       && (index >= |parts| || -index > |parts| ==> ret == "")
-         //= specification/searchable-encryption/virtual.md#getsegment-transform-initialization
-         //= type=implication
-         //# The GetSegment transform MUST split the input string on the given character,
-         //# and return the item in the resulting list the corresponds to the given position.
+      //= specification/searchable-encryption/virtual.md#getsegment-transform-initialization
+      //= type=implication
+      //# The GetSegment transform MUST split the input string on the given character,
+      //# and return the item in the resulting list the corresponds to the given position.
       && (index < |parts| && -index <= |parts| ==> ret == parts[GetPos(index, |parts|)])
   {
     var parts := Split(s, split);
@@ -285,9 +285,9 @@ module DdbVirtualFields {
       //# GetSegments MUST return the range of parts from low (inclusive) to high (exclusive),
       //# joined on the `split` character.
       && (lo < hi ==> ret == Join(parts[lo..hi], [split]))
-         //= specification/searchable-encryption/virtual.md#getsegments-transform-initialization
-         //= type=implication
-         //# If high is less than or equal to low, an empty string MUST be returned.
+      //= specification/searchable-encryption/virtual.md#getsegments-transform-initialization
+      //= type=implication
+      //# If high is less than or equal to low, an empty string MUST be returned.
       && (lo >= hi ==> ret == "")
   {
     var parts := Split(s, split);
 
@@ -243,11 +243,11 @@ module BeaconTestFixtures {
     );
     var cache :- expect mpl.CreateCryptographicMaterialsCache(input);
     // Create a test partitionIdBytes
-    var partitionIdBytes : seq<uint8> := [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
+    var partitionIdBytes : seq<uint8> :- expect SI.GeneratePartitionId();
     return SI.KeySource(client, version.keyStore, SI.LiteralLoc(keys), cache, 0, partitionIdBytes);
   }
 
-  method GetMultiSource(keyName : string, version : BeaconVersion) returns (output : SI.KeySource)
+  method GetMultiSource(keyName : string, version : BeaconVersion, partitionId: Option<seq<uint8>>, shared_cache: Option<MPT.ICryptographicMaterialsCache>) returns (output : SI.KeySource)
     requires version.keyStore.ValidState()
     ensures output.ValidState()
     ensures version.keyStore == output.store
@@ -260,7 +260,7 @@ module BeaconTestFixtures {
     );
     var cache :- expect mpl.CreateCryptographicMaterialsCache(input);
     // Create a test partitionIdBytes
-    var partitionIdBytes : seq<uint8> := [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
+    var partitionIdBytes : seq<uint8> :- expect SI.GeneratePartitionId();
     return SI.KeySource(client, version.keyStore, SI.MultiLoc(keyName, false), cache, 0, partitionIdBytes);
   }
 
 
@@ -17,7 +17,7 @@ module {:extern "software.amazon.cryptography.dbencryptionsdk.dynamodb.transform
   import AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes
   import AwsCryptographyMaterialProvidersTypes
   import ComAmazonawsDynamodbTypes
-    // Generic helpers for verification of mock/unit tests.
+  // Generic helpers for verification of mock/unit tests.
   datatype DafnyCallEvent<I, O> = DafnyCallEvent(input: I, output: O)
 
   // Begin Generated Types
 
@@ -72,9 +72,9 @@ module DdbMiddlewareConfig {
   {
     && (forall tableName <- config.tableEncryptionConfigs ::
           config.tableEncryptionConfigs[tableName].physicalTableName == tableName)
-       //= specification/dynamodb-encryption-client/ddb-table-encryption-config.md#logical-table-name
-       //# When mapping [DynamoDB Table Names](#dynamodb-table-name) to [logical table name](#logical-table-name)
-       //# there MUST a one to one mapping between the two.
+    //= specification/dynamodb-encryption-client/ddb-table-encryption-config.md#logical-table-name
+    //# When mapping [DynamoDB Table Names](#dynamodb-table-name) to [logical table name](#logical-table-name)
+    //# there MUST a one to one mapping between the two.
     && (forall
           c1 <- config.tableEncryptionConfigs.Values,
           c2 <- config.tableEncryptionConfigs.Values
 
@@ -128,11 +128,11 @@ module DynamoDbMiddlewareSupport {
     (ret : Result<Option<string>, Error>)
     ensures ret.Success? && config.search.Some? && config.search.value.curr().keySource.keyLoc.MultiLoc? ==>
               && output.parsedHeader.Some?
-                 //= specification/searchable-encryption/search-config.md#get-beacon-key-id-from-parsed-header
-                 //= type=implication
-                 //# If the [Parsed Header](../dynamodb-encryption-client/encrypt-item.md#parsed-header)'s encrypted data keys
-                 //# do not contain only one encrypted data key
-                 //# this function MUST fail.
+              //= specification/searchable-encryption/search-config.md#get-beacon-key-id-from-parsed-header
+              //= type=implication
+              //# If the [Parsed Header](../dynamodb-encryption-client/encrypt-item.md#parsed-header)'s encrypted data keys
+              //# do not contain only one encrypted data key
+              //# this function MUST fail.
               && var keys := output.parsedHeader.value.encryptedDataKeys;
               && |keys| == 1
 
 
@@ -188,8 +188,8 @@ module UpdateItemTransform {
              || input.originalInput.ReturnValues.value.ALL_OLD?)
       )
     {
-      // This error should not be possible to reach if we assume the DDB API contract is correct.
-      // We include this runtime check for defensive purposes.
+        // This error should not be possible to reach if we assume the DDB API contract is correct.
+        // We include this runtime check for defensive purposes.
       :- Need(forall k <- attributes.Keys :: !IsSigned(tableConfig, k),
               E("UpdateItems response contains signed attributes, but does not include the entire item which is required for verification."));
 
 
@@ -17,7 +17,7 @@ module {:extern "software.amazon.cryptography.dbencryptionsdk.dynamodb.itemencry
   import AwsCryptographyMaterialProvidersTypes
   import AwsCryptographyPrimitivesTypes
   import ComAmazonawsDynamodbTypes
-    // Generic helpers for verification of mock/unit tests.
+  // Generic helpers for verification of mock/unit tests.
   datatype DafnyCallEvent<I, O> = DafnyCallEvent(input: I, output: O)
 
   // Begin Generated Types
 
@@ -54,11 +54,11 @@ module AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations refines Abs
     || (unauthenticatedAttributes.Some? && attr in unauthenticatedAttributes.value)
     || (unauthenticatedPrefix.Some? && unauthenticatedPrefix.value <= attr)
     || ReservedPrefix <= attr
-       // Attributes with the reserved prefix are "allowed unauthenticated" in that
-       // they are not specified as signed within attributeActionsOnEncrypt.
-       // These attributes MAY still be authenticated via other methods,
-       // such as "aws_dbe_head" which is explicitly added to the canonical hash
-       // used in signing.
+    // Attributes with the reserved prefix are "allowed unauthenticated" in that
+    // they are not specified as signed within attributeActionsOnEncrypt.
+    // These attributes MAY still be authenticated via other methods,
+    // such as "aws_dbe_head" which is explicitly added to the canonical hash
+    // used in signing.
   }
 
   //= specification/dynamodb-encryption-client/decrypt-item.md#signature-scope
@@ -126,9 +126,9 @@ module AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations refines Abs
   {
     && InSignatureScope(config, attr)
     && attr !in config.attributeActionsOnEncrypt
-       // Attributes in signature scope MUST be configured in attributeActionsOnEncrypt
-       // so these two lines are saying "in scope && not in scope"
-       // and that's why it's an error
+    // Attributes in signature scope MUST be configured in attributeActionsOnEncrypt
+    // so these two lines are saying "in scope && not in scope"
+    // and that's why it's an error
   }
 
   // Is the attribute name in signature scope?
@@ -176,9 +176,9 @@ module AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations refines Abs
               //= type=implication
               //# If the Version Number is 2, then the base context MUST be the [version 2](./encrypt-item.md#dynamodb-item-base-context-version-2) context.
               && (header[0] == 2 ==> ret == MakeEncryptionContextV2(config, item))
-                 //= specification/dynamodb-encryption-client/decrypt-item.md#dynamodb-item-base-context
-                 //= type=implication
-                 //# If the Version Number is 1, the base context MUST be the [version 1](./encrypt-item.md#dynamodb-item-base-context-version-1) context.
+              //= specification/dynamodb-encryption-client/decrypt-item.md#dynamodb-item-base-context
+              //= type=implication
+              //# If the Version Number is 1, the base context MUST be the [version 1](./encrypt-item.md#dynamodb-item-base-context-version-1) context.
               && (header[0] == 1 ==> ret == MakeEncryptionContextV1(config, item))
               && ((header[0] == 1) || (header[0] == 2))
 
@@ -441,7 +441,7 @@ module AwsCryptographyDbEncryptionSdkDynamoDbItemEncryptorOperations refines Abs
     // The partition key MUST be CSE.SIGN_ONLY
     && config.partitionKeyName in config.attributeActionsOnEncrypt
     && config.attributeActionsOnEncrypt[config.partitionKeyName] == KeyActionFromVersion(config.version)
-       // The sort key MUST be CSE.SIGN_ONLY
+    // The sort key MUST be CSE.SIGN_ONLY
     && (config.sortKeyName.Some? ==>
           && config.sortKeyName.value in config.attributeActionsOnEncrypt
           && config.attributeActionsOnEncrypt[config.sortKeyName.value] == KeyActionFromVersion(config.version))
 
@@ -11,7 +11,7 @@ module {:extern "software.amazon.cryptography.dbencryptionsdk.structuredencrypti
   import opened UTF8
   import AwsCryptographyMaterialProvidersTypes
   import AwsCryptographyPrimitivesTypes
-    // Generic helpers for verification of mock/unit tests.
+  // Generic helpers for verification of mock/unit tests.
   datatype DafnyCallEvent<I, O> = DafnyCallEvent(input: I, output: O)
 
   // Begin Generated Types
 
@@ -715,9 +715,9 @@ module AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations refines Abst
       assume {:axiom} input.cmm.Modifies !! {config.materialProviders.History};
       var newEncryptionContext :- GetV2EncryptionContext(input.plaintextStructure);
       if |newEncryptionContext| != 0 {
-        //= specification/structured-encryption/encrypt-path-structure.md#create-new-encryption-context-and-cmm
-        //# An error MUST be returned if any of the entries added to the encryption context in this step
-        //# have the same key as any entry already in the encryption context.
+          //= specification/structured-encryption/encrypt-path-structure.md#create-new-encryption-context-and-cmm
+          //# An error MUST be returned if any of the entries added to the encryption context in this step
+          //# have the same key as any entry already in the encryption context.
         :- Need(encryptionContext.Keys !! newEncryptionContext.Keys,
                 E("Internal Error - Structured Encryption encryption context overlaps with Item Encryptor encryption context."));
         encryptionContext := encryptionContext + newEncryptionContext;
@@ -1070,9 +1070,9 @@ module AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations refines Abst
       //# in the input record, plus the Legend.
       var newEncryptionContext :- GetV2EncryptionContext(UnCanon(canonData));
       if |newEncryptionContext| != 0 {
-        //= specification/structured-encryption/decrypt-path-structure.md#create-new-encryption-context-and-cmm
-        //# An error MUST be returned if any of the entries added to the encryption context in this step
-        //# have the same key as any entry already in the encryption context.
+          //= specification/structured-encryption/decrypt-path-structure.md#create-new-encryption-context-and-cmm
+          //# An error MUST be returned if any of the entries added to the encryption context in this step
+          //# have the same key as any entry already in the encryption context.
         :- Need(encryptionContext.Keys !! newEncryptionContext.Keys,
                 E("Internal Error - Structured Encryption encryption context overlaps with Item Encryptor encryption context."));
         encryptionContext := encryptionContext + newEncryptionContext;
 
@@ -552,7 +552,7 @@ module {:options "/functionSyntax:4" } Canonize {
 
   // This says vcs_split_on_every_assert, because it has many many asserts, each of which is cheap
   opaque function {:vcs_split_on_every_assert}
-  DoResolveLegend(canonSorted : CanonAuthList, legend: Header.Legend, ghost tableName : GoodString, ghost data : AuthList) : (ret : Result<CanonCryptoList, Error>)
+    DoResolveLegend(canonSorted : CanonAuthList, legend: Header.Legend, ghost tableName : GoodString, ghost data : AuthList) : (ret : Result<CanonCryptoList, Error>)
     requires CanonAuthMatchesAuthList(tableName, data, canonSorted)
     requires Relations.SortedBy(canonSorted, SortCanon.AuthBelow)
     ensures ret.Success? ==>
 
@@ -26,7 +26,7 @@ module StructuredEncryptionCrypt {
   import AesKdfCtr
   import Seq
   import SortCanon
-    // import Relations
+  // import Relations
   import opened Canonize
 
   function method FieldKey(HKDFOutput : Bytes, offset : uint32)
@@ -455,9 +455,9 @@ module StructuredEncryptionCrypt {
               //# The `Cipherkey` MUST be the first 32 bytes of the `FieldKey`
               && KeySize == 32
               && encryptInput.key == fieldKey[0..KeySize]
-                 //= specification/structured-encryption/encrypt-path-structure.md#calculate-cipherkey-and-nonce
-                 //= type=implication
-                 //# The `Nonce` MUST be the remaining 12 bytes of the `FieldKey`
+              //= specification/structured-encryption/encrypt-path-structure.md#calculate-cipherkey-and-nonce
+              //= type=implication
+              //# The `Nonce` MUST be the remaining 12 bytes of the `FieldKey`
               && NonceSize == 12
               && |fieldKey| - KeySize == 12
               && encryptInput.iv == fieldKey[KeySize..]
@@ -510,10 +510,10 @@ module StructuredEncryptionCrypt {
     returns (ret : Result<StructuredDataTerminal, Error>)
     ensures ret.Success? ==>
               && |data.value| >= (AuthTagSize+2)
-                 //= specification/structured-encryption/decrypt-path-structure.md#terminal-data-decryption
-                 //= type=implication
-                 //# The output Terminal Data MUST have a [Terminal Type Id](./structures.md#terminal-type-id)
-                 //# equal to the deserialized Terminal Type Id.
+              //= specification/structured-encryption/decrypt-path-structure.md#terminal-data-decryption
+              //= type=implication
+              //# The output Terminal Data MUST have a [Terminal Type Id](./structures.md#terminal-type-id)
+              //# equal to the deserialized Terminal Type Id.
               && ret.value.typeId == data.value[0..TYPEID_LEN]
               && ret.value != data
 
 
@@ -114,17 +114,17 @@ module StructuredEncryptionHeader {
     function method {:opaque} serialize() : (ret : Bytes)
       ensures
         && PREFIX_LEN <= |ret|
-           //= specification/structured-encryption/header.md#partial-header
-           //= type=implication
-           //# The Partial Header MUST be
-           // | Length (bytes) | Meaning |
-           // |---|---|
-           // | 1 | [Format Version](#format-version) |
-           // | 1 | [Format Flavor](#format-flavor) |
-           // | 32 | [Message ID](#message-id) |
-           // | Variable | [Encrypt Legend](#encrypt-legend) |
-           // | Variable | [Encryption Context](#encryption-context) |
-           // | Variable | [Encrypted Data Keys](#encrypted-data-keys) |
+        //= specification/structured-encryption/header.md#partial-header
+        //= type=implication
+        //# The Partial Header MUST be
+        // | Length (bytes) | Meaning |
+        // |---|---|
+        // | 1 | [Format Version](#format-version) |
+        // | 1 | [Format Flavor](#format-flavor) |
+        // | 32 | [Message ID](#message-id) |
+        // | Variable | [Encrypt Legend](#encrypt-legend) |
+        // | Variable | [Encryption Context](#encryption-context) |
+        // | Variable | [Encrypted Data Keys](#encrypted-data-keys) |
         && ret == (
                     [version]
                     + [flavor]
@@ -321,10 +321,10 @@ module StructuredEncryptionHeader {
     requires ValidSuite(alg)
     ensures ret.Success? ==>
               && |ret.value| == COMMITMENT_LEN
-                 //= specification/structured-encryption/header.md#commitment-calculation
-                 //= type=implication
-                 //# The Header Commitment MUST be calculated as a the first 32 bytes of an HmacSha384,
-                 //# with the serialized partial header as the message, and the Commit Key as the key.
+              //= specification/structured-encryption/header.md#commitment-calculation
+              //= type=implication
+              //# The Header Commitment MUST be calculated as a the first 32 bytes of an HmacSha384,
+              //# with the serialized partial header as the message, and the Commit Key as the key.
               && var input := Prim.HMacInput(
                                 digestAlgorithm := alg.commitment.HKDF.hmac,
                                 key := commitKey,
 
@@ -27,7 +27,7 @@ public class MultiKeyStore {
   private final CacheType cache;
 
   /**
-   * Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+   * Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
    */
   private final String partitionId;
 
@@ -60,7 +60,7 @@ public CacheType cache() {
   }
 
   /**
-   * @return Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+   * @return Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
    */
   public String partitionId() {
     return this.partitionId;
@@ -106,12 +106,12 @@ public interface Builder {
     CacheType cache();
 
     /**
-     * @param partitionId Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+     * @param partitionId Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
      */
     Builder partitionId(String partitionId);
 
     /**
-     * @return Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+     * @return Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
      */
     String partitionId();
 
 
@@ -27,7 +27,7 @@ public class SingleKeyStore {
   private final CacheType cache;
 
   /**
-   * Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+   * Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
    */
   private final String partitionId;
 
@@ -60,7 +60,7 @@ public CacheType cache() {
   }
 
   /**
-   * @return Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+   * @return Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
    */
   public String partitionId() {
     return this.partitionId;
@@ -106,12 +106,12 @@ public interface Builder {
     CacheType cache();
 
     /**
-     * @param partitionId Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+     * @param partitionId Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
      */
     Builder partitionId(String partitionId);
 
     /**
-     * @return Partition ID to distinguish Beacon Key Sources writing to a cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the cache.
+     * @return Partition ID to distinguish Beacon Key Sources writing to a Shared cache. If the Partition ID is the same for two Beacon Key Sources, they can share the same cache entries in the Shared cache.
      */
     String partitionId();
 
 
@@ -2,10 +2,10 @@
 // SPDX-License-Identifier: Apache-2.0
 // Do not modify this file. This file is machine generated, and any changes to it will be overwritten.
 include "../../../../submodules/MaterialProviders/StandardLibrary/src/Index.dfy"
-  // BEGIN MANUAL EDIT
+// BEGIN MANUAL EDIT
 include "../../../../DynamoDbEncryption/dafny/DynamoDbEncryption/src/Index.dfy"
 include "../../../../submodules/MaterialProviders/TestVectorsAwsCryptographicMaterialProviders/dafny/KeyVectors/src/Index.dfy"
-  // END MANUAL EDIT
+// END MANUAL EDIT
 abstract module WrappedAbstractAwsCryptographyDynamoDbEncryptionService {
   import opened Wrappers
   import opened StandardLibrary.UInt
 
@@ -526,7 +526,7 @@ module {:options "-functionSyntax:4"} JsonConfig {
     var client :- expect Primitives.AtomicPrimitives();
 
     // Create a test partitionIdBytes
-    var partitionIdBytes : seq<uint8> := [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
+    var partitionIdBytes : seq<uint8> :- expect SI.GeneratePartitionId();
     var src := SI.KeySource(client, store, SI.SingleLoc("foo"), cache, 100 as uint32, partitionIdBytes);
 
     var bv :- expect SI.MakeBeaconVersion(1, src, map[], map[], map[]);
Original file line number	Diff line number	Diff line change
`@@ -188,8 +188,8 @@ module UpdateItemTransform {`
`188`	`188`	`\|\| input.originalInput.ReturnValues.value.ALL_OLD?)`
`189`	`189`	`)`
`190`	`190`	`{`
`191`		`- // This error should not be possible to reach if we assume the DDB API contract is correct.`
`192`		`- // We include this runtime check for defensive purposes.`
	`191`	`+ // This error should not be possible to reach if we assume the DDB API contract is correct.`
	`192`	`+ // We include this runtime check for defensive purposes.`
`193`	`193`	`:- Need(forall k <- attributes.Keys :: !IsSigned(tableConfig, k),`
`194`	`194`	`E("UpdateItems response contains signed attributes, but does not include the entire item which is required for verification."));`
`195`	`195`